7bb2b33ccd52d6c83317d021b91c02c2a3116ee7e4d225d9a074faa06c458130

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
28/05/2024, 07:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c3f3211973ffedcc6bc157eacf828b8_JaffaCakes118.html
Size

172KB
MD5

7c3f3211973ffedcc6bc157eacf828b8
SHA1

05c3df5ca65046b4e233883c8859663fda0392de
SHA256

7bb2b33ccd52d6c83317d021b91c02c2a3116ee7e4d225d9a074faa06c458130
SHA512

6988a8806095ea35fe1bd61fe80b1a448f44c3ab0953b61ce294156cb19b3b0b54ab9b0ae003c13dc8dbcdc1892716f3d670eced351d81cae4e6a4cdd174b43e
SSDEEP

3072:cBS1yZ7z1WsyurEK9HRcBjwGBk3MMGG9lE/sMfrmBRktYT/qxmUqNbrZSG0:E8SSV

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
5016	msedge.exe
5016	msedge.exe
4800	msedge.exe
4800	msedge.exe
1700	msedge.exe
1700	msedge.exe
1700	msedge.exe
1700	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4800 wrote to memory of 1204	4800	msedge.exe	83
PID 4800 wrote to memory of 1204	4800	msedge.exe	83
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 4960	4800	msedge.exe	84
PID 4800 wrote to memory of 5016	4800	msedge.exe	85
PID 4800 wrote to memory of 5016	4800	msedge.exe	85
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86
PID 4800 wrote to memory of 2592	4800	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7c3f3211973ffedcc6bc157eacf828b8_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe902246f8,0x7ffe90224708,0x7ffe90224718
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,9616761755710504823,11492511836218887252,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1700

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4980

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
9b3b36aef552233ead69dcae6d169cab

SHA1
4d58c9cae0f6974f8963923260f8b9a229fe92df

SHA256
c862bc43093772af01663ab12f5d3ef20e8f6c1d0e8f4bca47865c17e16d4ca9

SHA512
f0a6ef93e7b05a911159eef28337e6bc730b9d036c18e6577f4d96f0ba1953fa34ad71cb0899432b69c41f80e55315231429bc9aec4a79fdbf8a1360073e3230

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
eb4e904f92ea9ff609b18f4b11171937

SHA1
6afbfe22c6b629ef9c5d44b28672ce59ca69850d

SHA256
88a775a488436d932b05e5484990b727fbfcb59c11bbdc90d1d93f64a96b1193

SHA512
8a7b6e0381bba46be3da4ae8835fe509825d12928dedc065ba58b665b84a939c7c0a91ec1abe6dbec899eb248a1f32ab457bed1dc7af852873ddb15fc88f9691

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
86fd6ce2541bc3cf01f11bbd41ec56ea

SHA1
f665a769401e100b494708b8193c35f54a07af48

SHA256
4a8ef40424952d32b361b87c4df7d408f411e528621723a0a1a98b02a142b8eb

SHA512
04e8ab6753696d70aba205db19c3268896d70b0e5aceccbb9f5eaa3adf289a5578c4d6574440350d7c652da34357ef65ed7e473246cadccb6c72bd1bfb0048ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
bc751072afc861a109f3c3d25aa8e3a6

SHA1
a8fd427d800676331797725748b86e04d4875383

SHA256
0d05403a8304aa09738973445d9322a35679977ce28095664cf3719fbd175b67

SHA512
3feaef647610ce9d454ba4c0bce7814e3c01eaf910b5bd7514b68ff2aedf65ddd6e5fdd6431e86371584de4d41c9e6ecb70a8a055c5aa5ba527f078a07caebdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c338ec2f67ca7ab0eb6ef8326ff60db4

SHA1
ce238f77395a20415fa1411a5ce9b9fc338cc6ac

SHA256
73dc629439f8987b6402037d660b81362f1b49e640b7df73dd62be17a903c229

SHA512
29549f016b7457249651a979833ee0b17ec143384cf22bf2131ae0742c3e7b6fa0cddff7d27e8f023e6fabab70cb25b5e7edf2ea92c37eee02ba1d26732bf5c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9b3c83d83f2b203f816aad913224609e

SHA1
303abb03945edf5c8acfb207c2c007d0ad7e80b3

SHA256
610439a14686710c3fd08ea3e151f4ed0ec7d64772bc6182cb5e9c3d06a38a68

SHA512
f884cfab88ee37f63dfd440ffbcc3e60ea957925767716ce7c2de8c8cfa68eb1d542616993605ea2045b6cf867b12c52ce9d6ee20bf46e1b8661dc0a426f7140

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
be9e6a004df4ba59e610c3607ec9ba00

SHA1
319cbe51ca382b7e99fb3391567a0d802ee68f5f

SHA256
bfe7c51f705c40962c9c0ec24b351d221130e681e721b1279f33eb36a2bbf606

SHA512
248513c87ae4ed7e5bb31c46f5d52751b8ece22e21a49f19dcbee9572974896151a5c27dc8db0e06d8f63be7c7dba0bd00c61a823515d926885c2963b4184f83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
a9d79443714624aca1a96c423149942c

SHA1
ababb7812c29fb02c7a3568eb32784075c4433c5

SHA256
ae2bea709cc840c49192c73c4196b9b008d6e3195280bf76cde950ab6122b452

SHA512
54e6729d8e071ba87bd099cff7e9d3f435b289a3ccd863dc2bd4deff265589c0b272410cc535d015c99fbcb038d2fb06d9a9623dcfe3348dc423a1d483abefc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cb3f.TMP

Filesize
537B

MD5
e345abb26aca79988ce471c018f0f260

SHA1
6990767169423551655313e9dadbd96f770dc341

SHA256
13970e4a759616116ebe2853c83b53d2d00c4ebb4bd1d0045080121585483840

SHA512
11755bafe36fe3029e14f42444be1ee80b0827b54a1a9f1bafdb050ad25051420ae9e87a15d2d89c9693f2db958e5689dea979b6b6511347cfd36186ef978eab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
e4fb93f6619bb9791a87aa699aacc50f

SHA1
2da67ca7b1e286a22fe9968936c849ea63b46a89

SHA256
cca61c3e47c47d38f8ba40a0c5cc5ab5bcdf0772a24a4b5acd8b18f835f970c7

SHA512
12c725887eaee1656da0eeec26f3f2093f83724bef28beed0e6868b1afd0e15e09360bc590a76ea6b925f5d53b3f682adac5d4943b5e57392af166e7e8956863

Download Submit